Closed xorduna closed 1 month ago
After digging into the problem, i have seen that it seems there is a conflict between the policy set in the values.yaml. Comenting the capabilities.drop in the original values.yaml
makes enabling the listening on lower ports to work.
# securityContext for containers.
containerSecurityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
runAsUser: 1000
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
# capabilities:
# drop:
# - ALL
This change was introduced in: https://github.com/Kong/charts/commit/179f76c1757747396b023c1b0b6ad32946a34257 by @rainest
What still bothers me is that the difference between those two options, wether or not the pod is able to reach the admin api client
Finally, installing kong/kong
with the following options makes everything work
helm install kic kong/kong -n kong -f proxy-stream-security.yaml
containerSecurityContext: # run as root to bind to lower ports
capabilities:
add: [NET_BIND_SERVICE]
drop: []
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
proxy:
stream:
- containerPort: 25
servicePort: 25
protocol: TCP
- containerPort: 587
servicePort: 587
protocol: TCP
parameters: [ssl]
You just need to override the capabilities.drop
to []
But my limited knowledge of kong or/and kubernetes makes me wonder wether or not keeps with the spirit of issue https://github.com/Kong/kubernetes-ingress-controller/issues/4102 and https://github.com/Kong/charts/pull/909.
We want to drop all capabilities by default because most install don't need them and it allows installing into restricted namespaces.
AFAIK setting an explicit []
empty array value is indeed all you need here. The way default overrides work for array and object types in Helm YAML merges unfortunately isn't entirely intuitive.
Closing this since it looks solved, but if there was still some lingering issue please respond back and we can review further.
Hi,
Maybe we can add a small comment on the documentation?
Thanks
Is there an existing issue for this?
kong/kong
project (https://github.com/Kong/kong/issues/12898) but IMHO, i think this is more a misconfiguration or chart issue.Context
Freshly installed kubernetes with version 1.29.1 in digitalocean
Kong version ($ kong version)
3.6
Chart version
tried with both
kong/kong 2.38.0
andkong/ingress 0.12.0
Expected behaviour
I would like to use Kong Ingress Controller to listen on ports 25 and 587 because i want to expose email services that are running inside the cluster. I would like also to do SNI based routing on the port 587.
Current Behaviour
According to documentation to enable listening on ports lower than 1024, the gateway needs to run as root. This is done via the values configuration:
those values are placed in
values.yaml
The status of the pods is checked via
When this option is used, the pod never starts because it tries to call the admin api client but gets a "conection refused".
Detailed logs
``` Defaulted container "ingress-controller" out of: ingress-controller, proxy, clear-stale-pid (init) 2024-05-05T15:41:33Z info Diagnostics server disabled {"v": 0} 2024-05-05T15:41:33Z info setup Starting controller manager {"v": 0, "release": "3.1.4", "repo": "https://github.com/Kong/kubernetes-ingress-controller.git", "commit": "ebae7a53040f8f95272e8fa642244a88a6df57fd"} 2024-05-05T15:41:33Z info setup The ingress class name has been set {"v": 0, "value": "kong"} 2024-05-05T15:41:33Z info setup Getting enabled options and features {"v": 0} 2024-05-05T15:41:33Z info setup Getting the kubernetes client configuration {"v": 0} W0505 15:41:33.633804 1 client_config.go:618] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work. 2024-05-05T15:41:33Z info setup Starting standalone health check server {"v": 0} 2024-05-05T15:41:33Z info setup Getting the kong admin api client configuration {"v": 0} 2024-05-05T15:41:33Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "0/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:34Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "1/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:35Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "2/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:36Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "3/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:37Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "4/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:38Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "5/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:39Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "6/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:40Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "7/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:41Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "8/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:42Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "9/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:43Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "10/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:44Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "11/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:45Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "12/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:46Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "13/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:47Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "14/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:48Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "15/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:49Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "16/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:50Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "17/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:51Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "18/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:52Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "19/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:53Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "20/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:54Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "21/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:55Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "22/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:56Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "23/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:57Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "24/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:58Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "25/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:41:59Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "26/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:00Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "27/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:01Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "28/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:02Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "29/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:03Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "30/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:04Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "31/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:05Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "32/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:06Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "33/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:07Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "34/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:08Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "35/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:09Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "36/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:10Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "37/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:11Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "38/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:12Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "39/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:13Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "40/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:14Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "41/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:15Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "42/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:16Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "43/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:17Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "44/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:18Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "45/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:19Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "46/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:20Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "47/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:21Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "48/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:22Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "49/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:23Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "50/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:24Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "51/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:25Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "52/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:26Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "53/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:27Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "54/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:28Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "55/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:29Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "56/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:30Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "57/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:31Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "58/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:42:32Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "59/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} Error: could not retrieve Kong admin root(s): making HTTP request: Get "https://localhost:8444/": dial tcp [::1]:8444: connect: connection refused ```Some findings
remove stream section
If I remove the proxy stream section (in older versions of the chart, it was needed to patch manually the service once it was deployed) the behaviour is the same.
remove security context section If I remove the containerSecurityContext section and only keep the stream section on ports 25 and 587 it gives the same error.
enable stream on ports higher than 1024
if I try to enable stream on ports higher than 1024, the pod starts perfectly although the connection to the admin api fails for 5 times.
Detailed logs
``` Defaulted container "ingress-controller" out of: ingress-controller, proxy, clear-stale-pid (init) 2024-05-05T15:58:05Z info Diagnostics server disabled {"v": 0} 2024-05-05T15:58:05Z info setup Starting controller manager {"v": 0, "release": "3.1.4", "repo": "https://github.com/Kong/kubernetes-ingress-controller.git", "commit": "ebae7a53040f8f95272e8fa642244a88a6df57fd"} 2024-05-05T15:58:05Z info setup The ingress class name has been set {"v": 0, "value": "kong"} 2024-05-05T15:58:05Z info setup Getting enabled options and features {"v": 0} 2024-05-05T15:58:05Z info setup Getting the kubernetes client configuration {"v": 0} W0505 15:58:05.279219 1 client_config.go:618] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work. 2024-05-05T15:58:05Z info setup Starting standalone health check server {"v": 0} 2024-05-05T15:58:05Z info setup Getting the kong admin api client configuration {"v": 0} 2024-05-05T15:58:05Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "0/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:58:06Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "1/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:58:07Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "2/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:58:08Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "3/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:58:09Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "4/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:58:10Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "5/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:58:11Z info setup Retrying kong admin api client call after error {"v": 0, "retries": "6/60", "error": "making HTTP request: Get \"https://localhost:8444/\": dial tcp [::1]:8444: connect: connection refused"} 2024-05-05T15:58:13Z info setup Configuring and building the controller manager {"v": 0} 2024-05-05T15:58:13Z info setup Building the manager runtime scheme and loading apis into the scheme {"v": 0} 2024-05-05T15:58:13Z info setup DB-less mode detected, disabling leader election {"v": 0} 2024-05-05T15:58:13Z info setup Initializing Dataplane Client {"v": 0} 2024-05-05T15:58:13Z info setup Emitting Kubernetes events enabled, creating an event recorder for kong-client {"v": 0} 2024-05-05T15:58:13Z info setup Starting Admission Server {"v": 0} 2024-05-05T15:58:13Z info controller-runtime.certwatcher Updated current TLS certificate {"v": 0} 2024-05-05T15:58:13Z info setup Initializing Dataplane Synchronizer {"v": 0} 2024-05-05T15:58:13Z info setup Starting Status Updater {"v": 0} 2024-05-05T15:58:13Z info setup Initializing Dataplane address Discovery {"v": 0} 2024-05-05T15:58:13Z info setup Falling back to a default address finder for UDP {"v": 0, "reason": "no publish status address or publish service were provided"} 2024-05-05T15:58:13Z info setup Starting Enabled Controllers {"v": 0} 2024-05-05T15:58:13Z info controller-runtime.certwatcher Starting certificate watcher {"v": 0} 2024-05-05T15:58:13Z info setup Add readiness probe to health server {"v": 0} 2024-05-05T15:58:13Z info setup Starting KongLicense controller {"v": 0} 2024-05-05T15:58:13Z info setup Inject license getter to config translator {"v": 0, "license_getter_type": "*configuration.KongV1Alpha1KongLicenseReconciler"} 2024-05-05T15:58:13Z info telemetry starting telemetry manager {"v": 0} 2024-05-05T15:58:13Z info setup Anonymous reports enabled {"v": 0} 2024-05-05T15:58:13Z info setup Starting manager {"v": 0} 2024-05-05T15:58:13Z info controller-runtime.metrics Starting metrics server {"v": 0} 2024-05-05T15:58:13Z info controller-runtime.metrics Serving metrics server {"v": 0, "bindAddress": ":10255", "secure": false} 2024-05-05T15:58:13Z info controllers.Ingress.netv1 Starting EventSource {"v": 0, "source": "channel source: 0xc00071af00"} 2024-05-05T15:58:13Z info controllers.Ingress.netv1 Starting EventSource {"v": 0, "source": "kind source: *v1.IngressClass"} 2024-05-05T15:58:13Z info controllers.Ingress.netv1 Starting EventSource {"v": 0, "source": "kind source: *v1.Ingress"} 2024-05-05T15:58:13Z info controllers.Ingress.netv1 Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.UDPIngress Starting EventSource {"v": 0, "source": "channel source: 0xc0008e0000"} 2024-05-05T15:58:13Z info controllers.UDPIngress Starting EventSource {"v": 0, "source": "kind source: *v1.IngressClass"} 2024-05-05T15:58:13Z info controllers.UDPIngress Starting EventSource {"v": 0, "source": "kind source: *v1beta1.UDPIngress"} 2024-05-05T15:58:13Z info controllers.UDPIngress Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.TCPIngress Starting EventSource {"v": 0, "source": "channel source: 0xc0008e0080"} 2024-05-05T15:58:13Z info controllers.TCPIngress Starting EventSource {"v": 0, "source": "kind source: *v1.IngressClass"} 2024-05-05T15:58:13Z info controllers.TCPIngress Starting EventSource {"v": 0, "source": "kind source: *v1beta1.TCPIngress"} 2024-05-05T15:58:13Z info controllers.TCPIngress Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.KongPlugin Starting EventSource {"v": 0, "source": "kind source: *v1.KongPlugin"} 2024-05-05T15:58:13Z info controllers.KongPlugin Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.IngressClass.netv1 Starting EventSource {"v": 0, "source": "kind source: *v1.IngressClass"} 2024-05-05T15:58:13Z info controllers.IngressClass.netv1 Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.EndpointSlice Starting EventSource {"v": 0, "source": "kind source: *v1.EndpointSlice"} 2024-05-05T15:58:13Z info controllers.EndpointSlice Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.Service Starting EventSource {"v": 0, "source": "kind source: *v1.Service"} 2024-05-05T15:58:13Z info controllers.Service Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.Secrets Starting EventSource {"v": 0, "source": "kind source: *v1.Secret"} 2024-05-05T15:58:13Z info controllers.Secrets Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.KongIngress Starting EventSource {"v": 0, "source": "kind source: *v1.KongIngress"} 2024-05-05T15:58:13Z info controllers.KongIngress Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.IngressClassParameters Starting EventSource {"v": 0, "source": "kind source: *v1alpha1.IngressClassParameters"} 2024-05-05T15:58:13Z info controllers.IngressClassParameters Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.KongConsumerGroup Starting EventSource {"v": 0, "source": "channel source: 0xc0008e0240"} 2024-05-05T15:58:13Z info controllers.KongConsumerGroup Starting EventSource {"v": 0, "source": "kind source: *v1.IngressClass"} 2024-05-05T15:58:13Z info controllers.KongConsumerGroup Starting EventSource {"v": 0, "source": "kind source: *v1beta1.KongConsumerGroup"} 2024-05-05T15:58:13Z info controllers.KongConsumerGroup Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.KongConsumer Starting EventSource {"v": 0, "source": "channel source: 0xc0008e01c0"} 2024-05-05T15:58:13Z info controllers.KongConsumer Starting EventSource {"v": 0, "source": "kind source: *v1.IngressClass"} 2024-05-05T15:58:13Z info controllers.KongConsumer Starting EventSource {"v": 0, "source": "kind source: *v1.KongConsumer"} 2024-05-05T15:58:13Z info controllers.KongConsumer Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.KongUpstreamPolicy Starting EventSource {"v": 0, "source": "kind source: *v1.Service"} 2024-05-05T15:58:13Z info controllers.KongUpstreamPolicy Starting EventSource {"v": 0, "source": "kind source: *v1.HTTPRoute"} 2024-05-05T15:58:13Z info controllers.KongUpstreamPolicy Starting EventSource {"v": 0, "source": "kind source: *v1beta1.KongUpstreamPolicy"} 2024-05-05T15:58:13Z info controllers.KongUpstreamPolicy Starting EventSource {"v": 0, "source": "channel source: 0xc0008e1680"} 2024-05-05T15:58:13Z info controllers.KongUpstreamPolicy Starting EventSource {"v": 0, "source": "channel source: 0xc0008e16c0"} 2024-05-05T15:58:13Z info controllers.KongUpstreamPolicy Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.KongVault Starting EventSource {"v": 0, "source": "channel source: 0xc0008e1700"} 2024-05-05T15:58:13Z info controllers.KongVault Starting EventSource {"v": 0, "source": "kind source: *v1.IngressClass"} 2024-05-05T15:58:13Z info controllers.KongVault Starting EventSource {"v": 0, "source": "kind source: *v1alpha1.KongVault"} 2024-05-05T15:58:13Z info controllers.KongVault Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.ReferenceGrant Starting EventSource {"v": 0, "source": "kind source: *v1beta1.ReferenceGrant"} 2024-05-05T15:58:13Z info controllers.ReferenceGrant Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.KongClusterPlugin Starting EventSource {"v": 0, "source": "kind source: *v1.IngressClass"} 2024-05-05T15:58:13Z info controllers.KongClusterPlugin Starting EventSource {"v": 0, "source": "kind source: *v1.KongClusterPlugin"} 2024-05-05T15:58:13Z info controllers.KongClusterPlugin Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.Gateway Starting EventSource {"v": 0, "source": "kind source: *v1.Gateway"} 2024-05-05T15:58:13Z info controllers.Gateway Starting EventSource {"v": 0, "source": "kind source: *v1.GatewayClass"} 2024-05-05T15:58:13Z info controllers.Gateway Starting EventSource {"v": 0, "source": "kind source: *v1.Service"} 2024-05-05T15:58:13Z info controllers.Gateway Starting EventSource {"v": 0, "source": "kind source: *v1.HTTPRoute"} 2024-05-05T15:58:13Z info controllers.Gateway Starting EventSource {"v": 0, "source": "kind source: *v1beta1.ReferenceGrant"} 2024-05-05T15:58:13Z info controllers.Gateway Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.HTTPRoute Starting EventSource {"v": 0, "source": "kind source: *v1.GatewayClass"} 2024-05-05T15:58:13Z info controllers.HTTPRoute Starting EventSource {"v": 0, "source": "kind source: *v1.Gateway"} 2024-05-05T15:58:13Z info controllers.HTTPRoute Starting EventSource {"v": 0, "source": "kind source: *v1beta1.ReferenceGrant"} 2024-05-05T15:58:13Z info controllers.HTTPRoute Starting EventSource {"v": 0, "source": "channel source: 0xc0008e1f40"} 2024-05-05T15:58:13Z info controllers.HTTPRoute Starting EventSource {"v": 0, "source": "kind source: *v1.HTTPRoute"} 2024-05-05T15:58:13Z info controllers.HTTPRoute Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.Gateway.V1GatewayClass Starting EventSource {"v": 0, "source": "kind source: *v1.GatewayClass"} 2024-05-05T15:58:13Z info controllers.Gateway.V1GatewayClass Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.KongLicense Starting EventSource {"v": 0, "source": "channel source: 0xc0009fc600"} 2024-05-05T15:58:13Z info controllers.KongLicense Starting EventSource {"v": 0, "source": "kind source: *v1alpha1.KongLicense"} 2024-05-05T15:58:13Z info controllers.KongLicense Starting Controller {"v": 0} 2024-05-05T15:58:13Z info controllers.Service Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.ReferenceGrant Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.KongClusterPlugin Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.IngressClass.netv1 Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.HTTPRoute Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.KongPlugin Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.EndpointSlice Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.Ingress.netv1 Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.Secrets Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.KongIngress Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.UDPIngress Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.TCPIngress Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.IngressClassParameters Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.KongUpstreamPolicy Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.KongConsumerGroup Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.KongConsumer Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.Gateway Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "8464b91c-e0fb-4413-bf57-7cabb7975b34", "v": 0} 2024-05-05T15:58:13Z error controllers.Gateway Reconciler error {"reconcileID": "8464b91c-e0fb-4413-bf57-7cabb7975b34", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z info controllers.Gateway.V1GatewayClass Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.KongLicense Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z info controllers.KongVault Starting workers {"v": 0, "worker count": 1} 2024-05-05T15:58:13Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "c5a628e6-4308-4263-ab8d-932796774f33", "v": 0} 2024-05-05T15:58:13Z error controllers.Gateway Reconciler error {"reconcileID": "c5a628e6-4308-4263-ab8d-932796774f33", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "81df0c5a-80b5-4ad0-b135-4a402c63d1a7", "v": 0} 2024-05-05T15:58:13Z error controllers.Gateway Reconciler error {"reconcileID": "81df0c5a-80b5-4ad0-b135-4a402c63d1a7", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "40d7d996-b4d1-4916-a093-dd91b5663f49", "v": 0} 2024-05-05T15:58:13Z error controllers.Gateway Reconciler error {"reconcileID": "40d7d996-b4d1-4916-a093-dd91b5663f49", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "b92bf0e9-b3e3-41f6-8aef-6e176f30cce1", "v": 0} 2024-05-05T15:58:13Z error controllers.Gateway Reconciler error {"reconcileID": "b92bf0e9-b3e3-41f6-8aef-6e176f30cce1", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "cdc46429-6269-4050-ab19-b1c361f5a82d", "v": 0} 2024-05-05T15:58:13Z error controllers.Gateway Reconciler error {"reconcileID": "cdc46429-6269-4050-ab19-b1c361f5a82d", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:13Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "e9fb50ed-9d29-4dd4-a31e-f35c06290665", "v": 0} 2024-05-05T15:58:13Z error controllers.Gateway Reconciler error {"reconcileID": "e9fb50ed-9d29-4dd4-a31e-f35c06290665", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:14Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:14Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "abf0bafe-30b6-42f9-afc5-9fb346b8fc18", "v": 0} 2024-05-05T15:58:14Z error controllers.Gateway Reconciler error {"reconcileID": "abf0bafe-30b6-42f9-afc5-9fb346b8fc18", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:14Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:14Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "8f6de5f9-4096-482e-9934-84692ca03346", "v": 0} 2024-05-05T15:58:14Z error controllers.Gateway Reconciler error {"reconcileID": "8f6de5f9-4096-482e-9934-84692ca03346", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:16Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:16Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "bc86706e-a1c6-4f9f-86a6-2926364c1182", "v": 0} 2024-05-05T15:58:16Z error controllers.Gateway Reconciler error {"reconcileID": "bc86706e-a1c6-4f9f-86a6-2926364c1182", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:18Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:18Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "7e438ade-39da-48af-bbd4-4050fd5e109f", "v": 0} 2024-05-05T15:58:18Z error controllers.Gateway Reconciler error {"reconcileID": "7e438ade-39da-48af-bbd4-4050fd5e109f", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:21Z info Successfully synced configuration to Kong {"url": "https://localhost:8444", "update_strategy": "InMemory", "v": 0} 2024-05-05T15:58:23Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:23Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "c0508d67-82df-40fa-a64b-d016ed9824d0", "v": 0} 2024-05-05T15:58:23Z error controllers.Gateway Reconciler error {"reconcileID": "c0508d67-82df-40fa-a64b-d016ed9824d0", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:33Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:33Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "316ca12c-5759-497b-8542-8f812c2f622f", "v": 0} 2024-05-05T15:58:33Z error controllers.Gateway Reconciler error {"reconcileID": "316ca12c-5759-497b-8542-8f812c2f622f", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:54Z error controllers.Gateway One of publish services defined in Gateway's "konghq.com/publish-service" annotation didn't match controller manager's configuration {"GatewayV1Gateway": {"name":"kong","namespace":"default"}, "namespace": "default", "name": "kong", "service": "kong/kong-gateway-proxy", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} 2024-05-05T15:58:54Z info controllers.Gateway Warning: Reconciler returned both a non-zero result and a non-nil error. The result will always be ignored if the error is non-nil and the non-nil error causes reqeueuing with exponential backoff. For more details, see: https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile#Reconciler {"reconcileID": "fef9ba46-dff5-47d6-8c26-b5c43c16dbd5", "v": 0} 2024-05-05T15:58:54Z error controllers.Gateway Reconciler error {"reconcileID": "fef9ba46-dff5-47d6-8c26-b5c43c16dbd5", "error": "publish service reference \"kong/kong-gateway-proxy\" from Gateway's annotations did not match configured controller manager's publish services (\"kong/kic-kong-proxy\")"} ```Enabling Admin API specifically
If Admin API is not enabled specifically, this warning is shown when installing the helm
But enabling the admin API does not produce any change in the behaviour
Installing with
kong/ingress
I tried also to install chart
kong/ingress
specifically setting the security context in the gateway sectionThen the controller starts perfectly
But the gateway gives this error
Older versions After testing all older versions, I found out that the problem starts to happen on chart version 2.30.0. Chart version 2.29.0 starts without any problem with the following value configuration
Any clue?